Hacker News new | past | comments | ask | show | jobs | submit login

For some reason, with both words, I have to stop and think about what the "other auth- word" is so I can be sure I'm thinking of this "auth word" correctly.

  1. Sees <authentication>
  1a. "That's who I am, but to be sure..."
  2. "Ehh... the other one is... <authorization>..."
  3. "<authorization> is what I'm allowed to do so..."
  4. "...yes, this one is who i am"
Seriously, every time. I probably worried I'd remembered it backwards at one point early in my career and have never shaken the habit of double-checking myself on it.



I did the exact same thing when I was reading the post! I had to stop reading and take a good 10 seconds to verify which one was which in my head. I use "auth" all the time as a placeholder for "you need to login to use this". I've never really thought too much about authorization versus authentication because to me, those are just implementation details under the "auth" umbrella.


To put a name to the intuition, it's like verb-vs-noun if I just keep it shortened to "auth"

  * auth (noun) - credentials
  * auth (verb) - with permission, gain access.
:shrug:


I authorize you to be authentic!




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: